Asp. NET's HtmlForm control learning and the difference between post and get _ practical skills

First, the preface

1. Understanding HTTP (Hypertext Transport Protocol) Hypertext Transfer Protocol

It is a communication protocol between distributed, collaborative, hypermedia system applications. Is the basis for exchanging information on the World Wide Web (wide). It takes the form of HTML documents from a Web server to a Web browser, as illustrated below:

HTTP works on TCP protocols in the TCP/IP protocol system. We can draw the TCP/IP protocol hierarchy model, as shown in the following figure:

the HTTP request method is as follows :
(1). OPTIONS: Returns the HTTP request methods that the server supports for specific resources. You can also use a request to send a ' * ' to a Web server to test the functionality of the server.
(2). Head: Ask the server for a response that is consistent with the GET request, except that the response body will not be returned. This method can get the meta information contained in the response message header without having to transmit the entire response content.
(3). Get: Makes a request to a specific resource. Note: Get methods should not be used in operations that produce "side effects", such as in Web App. One reason is that get may be randomly accessed by web spiders.
(4). POST: Submit data to a specified resource for processing requests (such as submitting a form or uploading a file). The data is included in the request body. Post requests may result in the creation of new resources and/or modification of existing resources.
(5). Put: Uploads the latest content to the specified resource location.
(6). Delete: request the server to delete the resource identified by the Request-uri.
(7). TRACK: echo the request received by the server, primarily for testing or diagnostics.

2. Form submission principle

Here's a quote from Daniel's summary :

(1). When the form is submitted, the content of the form is encapsulated by the browser as an HTTP request, which contains the value of the Name property value of all the form elements and the values of the property, in the form of Name=value.

(2). The HTTP request is parsed and encapsulated as a request object after being acquired by Webserver, and a parameters collection in the Request object is dedicated to holding all the form element name value pairs.

(3). Each form element name value pair is encapsulated into a parameter, and parameter is actually a map, so you can use Request.getparameter (name) to get its value in your servlet.

Now that Daniel has made it clear, we also need to clear what form to submit, where the form tag has a very important attribute is enctype, which sets the encoding to submit the form data. There are three kinds of the following:

(1). application/x-www-form-urlencoded: This is the default encoding, data processing through value values [this I'm still vague]
(2). Multipart/form-data: Process form data in binary flow mode
(3). Text/plain: Used when the form's Action property value is Mailto:url, used to send mail directly through the form

Second, HtmlForm control

the 1.HtmlForm controls are used to control <form> elements, and the main properties are as follows :

Property	Description
Action	URL that defines where to send the data when submitting the form. Note: This property is always set to the url! of the page itself
Attributes	Returns all the attribute name and value pairs for the element.
Disabled	A Boolean value that indicates whether the control is disabled. The default is False.
Enctype	The MIME type used to encode the contents of the form.
Id	The unique ID of the control.
InnerHtml	Sets or returns the content between the start and end tags of the HTML element. Special characters are not automatically converted to HTML entities.
InnerText	Sets or returns all text between the start and end tags of the HTML element. Special characters are automatically converted to HTML entities.
Method	Table the way the server transmits data. The valid values are "post" and "get". The default is "post."
Name	The name of the form.
Runat	Specify that the control is a server control. Must be set to "server".
Style	Sets or returns the CSS properties that are applied to the control.
TagName	Returns the label name of the element.
Target	The target window that loads the URL.
Visible	A Boolean value that indicates whether the control is visible.

The difference is that a get representation is actively uploaded by the browser to the server side, is immediately delivered, its execution is efficient but the amount of data transferred can not be too large, and the Post representation by the server to crawl the data, although not immediately, the Method:post/get However, there is no limit to the amount of data that can be transferred.

Action: The page to which you want to submit the data, that is, the URL to which to send the data.

2.Post difference from get:

Http://jb51.net/web/72554.html
Form provides two ways to transfer data--get and post. Although they are the way data are submitted, they do vary greatly in actual transmission and can have a serious impact on the data. Although the Web container has blocked some of the differences in order to get the variable values conveniently, it is also helpful to know the difference in the future programming.

The Get and post methods in the form correspond to the get and post methods in the HTTP protocol, respectively, in the data transfer process. The main differences are as follows:

1, get is used to obtain data from the server, and post is used to pass data to the server.

2. Get adds the data in the form, in the form of Variable=value, to the URL that the action points to, and both uses the "?" connections, and each variable uses a "&" connection; The post is to place the data in the form in the form's data body, passing it to the URL that the action refers to, according to the variable and the value.

3, get is not safe, because in the transfer process, the data is placed in the requested URL, and many of the existing servers, proxy servers, or user agents will be the request URL to log files, and then put in a place, so that there may be some privacy information by a third party to see. In addition, users can also see the submitted data directly in the browser, some system internal messages will be displayed in front of the user. All operations for post are not visible to the user.

4, get transmission of the small amount of data, which is mainly due to the length of the URL limit, and post can transfer a lot of data, so upload files can only use post (of course, there is a reason, will be mentioned later).

5. The value of the data set of the Get restriction form form must be an ASCII character, and the post supports the entire ISO10646 character set.

6, get is the default method for form.

Using post-transmitted data, you can translate the Chinese correctly by setting the encoding, while the data for get transfers does not change. In future procedures, we must pay attention to this point.

1. The Get method passes the user's data through a URL request, connects the field names in the form with their contents, and puts them into a pair of strings, which are placed after the URL of the program that the action attribute refers to, such as http://www.mdm.com/test.asp?name=asd& Password=sad, the data will be displayed directly on the URL, just as the user clicks on a link; The Post method passes the field names in the form to the server side with the content in the HTML header (header) through the HTTP post mechanism to the action property can be handled by the program, which reads and processes the form's data through standard input (stdin).

2, get method needs to use Request.QueryString to obtain the value of the variable, and Post way through Request.Form to access the content submitted

3. The amount of data transmitted by get is very small, the general limit is about 2 KB, but the execution efficiency is better than the Post method, and the post is a relatively large amount of data, it is waiting for the server to read data, but also have byte limit, this is to avoid the server with a large amount of data for malicious attacks, According to Microsoft, Microsoft has restrictions on the maximum data that can be received with Request.Form (), KB bytes in IIS 4, and KB bytes in IIS 5: Unless you are sure that the data you submitted can be submitted at once, please use the Post method as much as possible.

4, get way to submit data, can bring security problems, such as a landing page, the user name and password will appear on the URL when the data is submitted via get, and if the page can be cached or someone else can access the machine, the user's account and password can be obtained from the history record. So the form submission suggests using the Post method; The common problem with the form pages submitted by the Post method is that if the page is refreshed, a dialog box is suggested: For security reasons, it is recommended that you use post submission data

With regard to the HtmlForm control of ASP.net, it is easy to understand that after the later ASP.net upload the control and request get the form variable. Furthermore, the difference between get and post, is the key, the interview last year because this is not a good answer on the dive back, it seems that the foundation of things to be cooked, a solid ability for the back of the road to carry out the work smoothly.